package com.example.AIstudy.security;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

//EnableGlobalMethodSecurity：允许在方法上添加安全注释，例如在controller上添加权限判断的注释

//@Configuration
//@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true)
//public class SecurityConfig {
//
//    @Autowired
//    JwtRequestFilter jwtRequestFilter; //注入JWT过滤器Bean
//
//    private static final String[] AUTH_WHITELIST = {
//            "/swagger-resources/**",
//            "/swagger-ui.html",
//            "/v2/api-docs",
//            "/webjars/**"
//    };
//
//    /**
//     * 使用HttpSecurity来配置认证和授权
//     *
//     * @param http
//     * @return
//     * @throws Exception
//     */
//    @Bean
//    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
//        http.cors();             //允许跨域
//        http.csrf().disable();   //关闭csrf过滤器
//        http.authorizeRequests()
//                .antMatchers("/authenticate/login","/authenticate/register").permitAll() //login接口直接放行，这个不检查权限
//                .antMatchers(AUTH_WHITELIST).permitAll()
//                .antMatchers("/swagger-ui/*","/test","/test/*").permitAll()
//                .anyRequest().authenticated()  //其他接口需要认证
//                .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
//        //添加jwtRequestFilter过滤器到UsernamePasswordAuthenticationFilter之前
//        http.addFilterBefore(jwtRequestFilter, UsernamePasswordAuthenticationFilter.class);
//        return http.build();
//    }
//
//
//    /**
//     * 密码加密的Bean
//     *
//     * @return
//     */
//    @Bean
//    public PasswordEncoder passwordEncoder() {
//        return new BCryptPasswordEncoder(); //BCrypt加密算法
//    }
//
//
//}
